<?php
namespace src;
use classlib\core as C;
use classlib\input;
class sview {
	public static $origin;
	public static $view;
	public static $ctrl;
	public static $acl;
	public static $debug = false;
	
	/**
	 * 初始化权限验证等资料信息
	 * @return void
	 */
	public static function init() {
		self::$acl    = \classlib\acl::inst('ACLapi');
		self::$view   = C\view::inst('json');
		self::$origin = \classlib\input::stream();
		(!isset($_SERVER['HTTP_USER_AGENT'])) && $_SERVER['HTTP_USER_AGENT'] = 'app-api';
		if (empty(self::$origin)) {
			return;
		}
		//根据请求头解析到ctrl对象当中
		if (strpos($_SERVER['CONTENT_TYPE'], "application/json") !== false) {
			self::$ctrl = json_decode(self::$origin, true);
		}
	}
	
	/**
	 * 获取错误提示语
	 * @param string $code
	 * @param string $segs
	 * @return string
	 */
	public static function error($code, $segs='core') {
		static $lang = NULL;
		if (is_null($lang)) {
			$lang = C\lang::inst('web');
		}
		$args = func_get_args();
		$args = array_slice($args, 2);
		$error= $lang->txt($segs, $code, ...$args);
		self::$view->assign_error($code, $error);
	}
	
	/**
	 * 验证用户的提交的调试信息数据接口
	 * @return void
	 */
	public static function debug() {
		self::$acl   = \classlib\acl::inst('ACLapi');
		self::$view  = C\view::inst('json');
		self::$ctrl  = $_GET;
		self::$debug = true;
		$userid      = \classlib\input::get('__userid');
		self::$acl->user = array('id'=>$userid);
		$_SERVER['HTTP_ACTION']    = \classlib\input::get('action');
	}
	
	/**
	 * 验证数据篡改校验码
	 * Enter description here ...
	 */
	public static function check_sum() {
		$checksum = isset($_SERVER['HTTP_CHECKSUM'])? $_SERVER['HTTP_CHECKSUM']:'';
		$checkstr = $_SERVER['HTTP_ACTION'].self::$origin.$_SERVER['HTTP_SIGNATURE'];
		if (strcmp($checksum, md5($checkstr)) != 0) {
			sview::$view->assign_error(506, self::error(506));
		}
	}
	
	/**
	 * 验证请求合法性，签名至少要能过
	 * @param bool $sumchk
	 * @param bool $nlogin --是否要强制登录验证
	 */
	public static function verify($sumchk=true, $nlogin=false) {
		//如果调试环境 非强制验证跳过
		if (self::$debug && !input::get('__force')) {
			return;
		}
		($sumchk && !self::$debug) && self::check_sum();
		$sign = isset($_SERVER['HTTP_SIGNATURE'])? $_SERVER['HTTP_SIGNATURE']:input::get('__sign');
		//需要验证，但是登录验证通不过
		if ($nlogin && self::$acl->decrypt($sign)) {
			sview::$view->assign_error(508, self::error(508));
		} else if (!$nlogin) {//只要验证签名的合法性即可
			if ($sign[0] == '*') { //验证请求的匿名签名
				if (!self::rehash(substr($sign, 1))) {
					sview::$view->assign_error(507, self::error(507));
				}
			} else if (!self::$acl->decrypt($sign)) {
				sview::$view->assign_error(508, self::error(508));
			}
		}
	}
	
	/**
	 * 获取web的随机跟踪码信息
	 * @return string
	 */
	public static function hash() {
		$sstr = sprintf('%d%d', C\config::$nowtime, mt_rand(1000, 9999));
		$hash = substr(md5($sstr), 0, 16);
		$data = sprintf("%s-%s", $hash, $sstr);
		$hash = \classlib\crypt\xxtea::encrypt($data);
		return $hash;
	}
	
	/**
	 * 验证消息传递过程中的跟踪码
	 * @param string $skey
	 * @return bool
	 */
	public static function rehash($hash) {
		$data  = \classlib\crypt\xxtea::decrypt($hash);
		list($hash, $ltime) = @explode('-', $data);
		if (strcmp($hash, substr(md5($ltime), 0, 16)) == 0) {
			return $hash;
		}
		return false;
	}
}